>From shorewall-rules(5), DEST section: Restriction: MAC addresses are not allowed (this is a Netfilter restriction).
You can only have a MAC in the SOURCE column. Regards, -Roberto On Fri, Jul 01, 2016 at 01:54:08PM -0400, Bill Shirley wrote: > I can't get Shorewall to accept a MAC address in the rules file. MAC > addresses work in > tcrules. > > params: > phil_laptop_mac=~00-50-b6-70-25-63 > > tcrules: > ?COMMENT -masq- phil laptop > $INET2_FWMARK2/$CONNMASK:P $phil_laptop_mac > > rules: > DNAT inet mem:$phil_laptop_mac tcp 80,37777 > > shorewall check: > Checking /etc/shorewall/rules... > ERROR: Invalid IP Address (~00-50-b6-70-25) /etc/shorewall/rules (line > 104) > > Shorewall thinks it's an IP address instead of a MAC address. Am I doing > something wrong? > It's also dropping the last byte of the MAC address. > > [1:root@elvis shorewall 148]$ rpm -q shorewall > shorewall-4.5.15-1.fc19.noarch > > Bill > > > ------------------------------------------------------------------------------ > Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San > Francisco, CA to explore cutting-edge tech and listen to tech luminaries > present their vision of the future. This family event has something for > everyone, including kids. Get more information and register today. > http://sdm.link/attshape > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com ------------------------------------------------------------------------------ Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San Francisco, CA to explore cutting-edge tech and listen to tech luminaries present their vision of the future. This family event has something for everyone, including kids. Get more information and register today. http://sdm.link/attshape _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
